Highly Critical Hole Found in IE 336
dotpavan writes "Eweek reports on a highly critical MS Internet Explorer hole found by Secunia Research's Andreas Sandblad. The vulnerability is due to the processing of the "createTextRange()" method call applied on a radio button control.
From Secunia, "The vulnerability has been confirmed on a fully patched system with Internet Explorer 6.0 and Microsoft Windows XP SP2." The vulnerability has also been confirmed in Internet Explorer 7 Beta 2 Preview (January edition) though it could be avoided by turning off Active Scripting, as suggested by Microsoft Security Response Center blog. How would this put MS in the market, hit by the ever-growing shots of vulnerabilties? And would the divorce of IE7 from Vista's Windows Explorer help?"
Patch available (Score:5, Funny)
GAH (Score:1, Funny)
Highly Critical Hole Found in IE? (Score:5, Funny)
Perhaps it would save time... (Score:5, Funny)
It is not a dupe! (Score:5, Funny)
It's a brand new hole!
--
Superb hosting [tinyurl.com] 20GB Storage, 1_TB_ bandwidth, ssh, $7.95
Hole? (Score:2, Funny)
Do what now? (Score:5, Funny)
So this article updates us to the fact that they plan to update us with an article prior to the update?
Re:Patch available (Score:3, Funny)
Could be worst... (Score:5, Funny)
Proof of concept (Score:5, Funny)
Someone translate this for me: (Score:2, Funny)
Come again?
got it backwards (Score:3, Funny)
Use it for good not evil (Score:3, Funny)
createTextRange(-1);
And just let the exploit install firefox. It's just that easy.
mirror (Score:4, Funny)
IE user, your house is on fire. Run for the hills! Go! Go!
divorce (Score:2, Funny)
maybe, but i still recommend divorcing windows entirely. i've loved computers before (not sexually
Dupe! (Score:3, Funny)
Re:Perhaps it would save time... (Score:2, Funny)
Come on, the RFC on this [faqs.org] is several years old!
Damn networking hardware monopoly is hampering progress!
I am... (Score:4, Funny)
Re:Highly Critical Hole Found in IE? (Score:4, Funny)
Re:It's funny (Score:2, Funny)
Safest browser ever available (Score:4, Funny)
The 1st IE7 worm after the 'divorce' from windows (Score:5, Funny)
Re:Proof of concept (Score:2, Funny)
Re:IE 7 in Vista would have been safe (Score:4, Funny)
Comment removed (Score:4, Funny)
Highly Critical (Score:3, Funny)
Re:Patch available (Score:1, Funny)
I found out that the directory explorer actually IS explorer and that Outlook requires IE as well or it just won't work.
They could have removed IE a long time ago but just decided NOT to.
1995 called; they want their news back.Re:Safest browser ever available (Score:5, Funny)
misplaced trust (Score:3, Funny)
You gullible, gullible fool : )
Re:Patch available (Score:3, Funny)
That's because you're not done until you replace Outlook with Thunderbird